285 matches found
NETGEAR WNDRMAC Exposure of Sensitive Information
Exploit for hardware platform in category web applications Product. NETGEAR WNDRMAC Platform. Hardware Affected versions. 1.0.0.22 and below Severity Rating. High Impact. Exposure of sensitive information Attack Vector. From remote without authentication Solution Status. Currently no software...
MYRE Real Estate Software 'findagent.php' Cross Site Scripting and SQL Injection Vulnerabilities
MYRE Real Estate Software is prone to an SQL-injection and multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft Internet Explorer Event Handlers Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information that m...
openssl security, bug fix, and enhancement update
1.0.0-10 - fix OCSP stapling vulnerability - CVE-2011-0014 676063 - correct the README.FIPS document 1.0.0-8 - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 key generation method - use FIPS-186-3 method for DSA parameter generation - add OPENSSLFIPSNONAPPROVEDMD5ALLOW...
Facebook Flops On The Sale Of The User's Address, Telephone Numbers !!
Facebook made a rapid retreat Monday January 17 announcing that it would "temporarily" disable the functionality of a new brand that allows applications to third harvest phone numbers of users and home addresses. The function began with a blog Facebook quiet afternoon Friday, January 14. He said...
Symantec Alert Management System Intel Alert Handler command execution
Added: 08/20/2010 BID: 41959 OSVDB: 66807 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on port...
Microsoft Internet Explorer XMLHttpRequest Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
phpCommunity2 Multiple Vulnerabilities (Mar 2009) - Active Check
phpCommunity2 is prone to multiple input validation vulnerabilities, including multiple directory traversal issues and SQL-injection issues, and a cross-site scripting issue. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
Microsoft Internet Explorer Clickjacking Vulnerability
This host has installed Internet Explorer and is prone to clickjacking vulnerability OpenVAS Vulnerability Test $Id: gbmsieclickjackingvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Clickjacking Vulnerability Authors: Sharath S Copyright: Copyright c 2009 Greenbone...
Apple Safari RSS Feed Information Disclosure Vulnerability
The host is running Apple Safari web browser which is prone to remote file access vulnerability. OpenVAS Vulnerability Test $Id: gbapplesafariinfodiscvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Apple Safari RSS Feed Information Disclosure Vulnerability Authors: Nikita MR Copyright: Copyright c...
Serv_U saved in the registry the password in the Read-vulnerability warning-the black bar safety net
In SERVU FTP mention the right vulnerability everyone familiar,I will not speak of these vulnerabilities,because we all know how to use,servu provide the right tools a lot,will not be described. Here just introduce the servu local solutions:1. Modify the local SERVU passwordmany servers didn't...
Mozilla Foundation Security Advisory 2008-22
Mozilla Foundation Security Advisory 2008-22 Title: XSS through JavaScript same-origin violation Impact: High Announced: July 1, 2008 Reporter: mozbugra4 Products: Firefox, SeaMonkey Fixed in: Firefox 3.0 Firefox 2.0.0.15 SeaMonkey 1.1.10 Description Mozilla contributor mozbugra4 submitted a set ...
CVE-2008-1269
The CVE-2008-1269 entry concerns the Alice Gate 2 Plus Wi‑Fi router. Affects the admin panel via cp06_wifi_m_nocifr.cgi, where authentication credentials are not verified, allowing remote attackers to disable Wi‑Fi encryption through a specific request. The available documentation states the vuln...
Cisco IOS LPD buffer overflow vulnerability
Overview The Cisco IOS Line Printer Daemon contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition . Description The Cisco IOS includes support for the UNIX Line Printer Daemon...
Microsoft Internet Explorer Address Bar Spoofing Vulnerability
Description Microsoft Internet Explorer is prone to a vulnerability that lets attackers spoof the address bar of a trusted site. Attackers may exploit this vulnerability via a malicious webpage to spoof the contents and origin of a page that the victim may trust. Attackers may find this issue...
Authentication flaw
Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2, when using Active Directory LDAP for authentication, allows remote authenticated users to access the server even after the account has been disabled...
Drivers for the Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability
Overview Microsoft Windows drivers for Intel 2100 PRO/Wireless Network Connection Hardware contain a memory corruption vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Intel 2100 PRO/Wireless Network Connection Hardware The Inte...
No smoke of war: a network is disabled with the breakthrough limit-vulnerability warning-the black bar safety net
Now, in order to improve work efficiency, many units want to do, including 网禁 stop users use QQ, MSN, lianzhong and other chat software; at the same time, lonely users also find ways to deal with these measures. The two-phase contest, who stands where. it? For QQ, MSN, ourgame such as chat and...
[UNIX] Zeroboard IP Session Bypass XSS
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
CVE-2005-4793
Multiple unspecified vulnerabilities in the web utility function in Hitachi Cm2/Network Node Manager and JP1/Cm2/Network Node Manager before 20050930 allow attackers to execute arbitrary commands, disable services, and "exploit vulnerabilities."...